Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/e692f7fb3bd283a84cadd8f49aa6b3f1da8423b0.roa
File:                     e692f7fb3bd283a84cadd8f49aa6b3f1da8423b0.roa (raw, json)
Hash identifier:          ded1ndL0pgtMQ6CBgtkyqo0COl/O3gN/4BcXFeLPvE4=
Subject key identifier:   92:53:8D:EC:51:40:3B:63:5C:2D:45:CD:23:9C:AA:72:9A:F1:A0:1C
Certificate issuer:       /CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
Certificate serial:       122E89
Authority key identifier: 76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/e692f7fb3bd283a84cadd8f49aa6b3f1da8423b0.roa
Signing time:             Wed 29 Nov 2023 15:37:54 +0000
ROA not before:           Wed 29 Nov 2023 15:37:53 +0000
ROA not after:            Sat 29 Nov 2025 15:37:53 +0000
asID:                     262231
IP address blocks:        201.251.221.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 18 Apr 2024 06:11:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1191561 (0x122e89)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
        Validity
            Not Before: Nov 29 15:37:53 2023 GMT
            Not After : Nov 29 15:37:53 2025 GMT
        Subject: CN=e692f7fb3bd283a84cadd8f49aa6b3f1da8423b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:3c:69:c9:f5:42:61:15:24:1a:e7:99:03:9f:
                    ec:30:01:bb:df:d5:f3:8c:c7:54:fb:b2:3e:70:15:
                    a0:f5:b8:da:0d:e2:32:c0:8b:42:74:7c:f7:df:b6:
                    b8:c0:e8:ff:ed:f5:73:80:e0:cc:1e:77:f4:98:cf:
                    a5:d0:d8:81:04:b3:59:ef:ef:37:6d:a2:ad:ed:e6:
                    38:a8:fc:07:3c:a1:0b:f7:d6:d9:91:f8:bc:3b:02:
                    dd:bd:4d:1f:2e:70:f3:a9:24:27:d5:0c:a4:8a:3a:
                    6f:48:e8:48:95:d8:6c:27:45:17:69:a3:73:c1:bc:
                    dc:db:6a:fc:b1:9d:b9:86:c1:96:59:75:c2:6c:95:
                    08:2c:8d:57:43:e9:a0:f7:27:d9:4d:8c:6c:4d:55:
                    27:da:b9:8b:09:77:a6:4d:9a:18:c8:90:3b:eb:1b:
                    99:25:92:79:b2:31:64:5f:08:57:45:c2:c2:60:3f:
                    b6:15:28:da:6f:7c:fa:9b:27:e4:a3:f2:0c:b9:75:
                    cf:40:31:4a:53:c4:5d:a6:90:84:31:e4:3e:dd:93:
                    42:2c:fd:eb:1b:b9:0b:1f:b9:1c:ce:1d:e9:00:fe:
                    c3:8b:9c:b0:e3:51:fe:02:c9:30:85:cd:44:63:ba:
                    76:f5:69:10:24:65:c8:f1:25:26:4e:f7:b0:6b:07:
                    4e:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:53:8D:EC:51:40:3B:63:5C:2D:45:CD:23:9C:AA:72:9A:F1:A0:1C
            X509v3 Authority Key Identifier:
                keyid:76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/e692f7fb3bd283a84cadd8f49aa6b3f1da8423b0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.251.221.0/24

    Signature Algorithm: sha256WithRSAEncryption
         39:87:22:e8:0e:07:d8:19:52:85:7a:42:65:8d:39:bd:7e:9c:
         91:99:5d:d5:2f:f6:10:70:5c:97:fe:65:7b:84:69:d9:67:67:
         c8:0a:6e:1c:d5:fd:e8:c8:99:6c:e8:ed:7f:10:79:af:0e:90:
         bd:97:88:8a:49:4f:be:51:85:15:e6:0e:ba:5b:63:8e:e4:69:
         40:f0:56:cb:d0:89:d1:1a:de:e1:0d:39:48:82:b9:34:bb:84:
         48:65:f7:63:e7:b9:8a:50:c3:62:8d:c5:09:79:71:a2:b9:a2:
         3c:08:a0:11:f7:6c:f7:b6:a7:45:17:31:4b:b7:4e:18:5e:bb:
         d2:57:4f:1f:9a:75:d7:0e:f5:ae:56:5c:62:54:d8:96:1c:89:
         de:38:6c:af:f4:b3:3f:4b:e9:e6:08:d5:41:e8:10:ca:74:f4:
         8a:14:55:a2:3a:5b:a1:fb:56:fe:ad:c8:b4:e9:b5:6f:b7:2c:
         d8:15:a1:1d:0e:a4:5f:96:15:1b:e8:af:76:a8:89:ad:34:01:
         dd:bc:15:04:a2:be:c7:38:af:e7:6c:03:b1:eb:54:01:31:db:
         4c:bf:6c:22:6e:52:1a:2e:30:a3:6b:46:3f:06:d2:2a:dc:25:
         b2:71:39:7c:28:08:69:8c:c2:ed:17:cf:42:30:c1:b8:9f:32:
         e0:a9:89:ed
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDEi6JMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJm
YmI0ZDNhNmRkNWU2NDlhNjU1NGM0ODE3Y2UwZWQyNzc0MjkxMzYwHhcNMjMxMTI5
MTUzNzUzWhcNMjUxMTI5MTUzNzUzWjAzMTEwLwYDVQQDEyhlNjkyZjdmYjNiZDI4
M2E4NGNhZGQ4ZjQ5YWE2YjNmMWRhODQyM2IwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAsDxpyfVCYRUkGueZA5/sMAG739XzjMdU+7I+cBWg9bjaDeIy
wItCdHz337a4wOj/7fVzgODMHnf0mM+l0NiBBLNZ7+83baKt7eY4qPwHPKEL99bZ
kfi8OwLdvU0fLnDzqSQn1QykijpvSOhIldhsJ0UXaaNzwbzc22r8sZ25hsGWWXXC
bJUILI1XQ+mg9yfZTYxsTVUn2rmLCXemTZoYyJA76xuZJZJ5sjFkXwhXRcLCYD+2
FSjab3z6myfko/IMuXXPQDFKU8RdppCEMeQ+3ZNCLP3rG7kLH7kczh3pAP7Di5yw
41H+Askwhc1EY7p29WkQJGXI8SUmTvewawdODQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFJJTjexRQDtjXC1FzSOcqnKa8aAcMB8GA1UdIwQYMBaAFHZ/Qk1INAbEIOXf
Gb6+mT9yWve2MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmZiYjRk
M2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEzNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTM3NWJjZmMtOGI4Ni00NTJlLTg1MGQtODNjZmUz
YjUwZjA2L2U2OTJmN2ZiM2JkMjgzYTg0Y2FkZDhmNDlhYTZiM2YxZGE4NDIzYjAu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81Mzc1YmNmYy04Yjg2LTQ1MmUtODUwZC04M2Nm
ZTNiNTBmMDYvYmZiYjRkM2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEz
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMn73TANBgkqhkiG9w0BAQsFAAOCAQEAOYci6A4H2BlShXpC
ZY05vX6ckZld1S/2EHBcl/5le4Rp2WdnyApuHNX96MiZbOjtfxB5rw6QvZeIiklP
vlGFFeYOultjjuRpQPBWy9CJ0Rre4Q05SIK5NLuESGX3Y+e5ilDDYo3FCXlxormi
PAigEfds97anRRcxS7dOGF670ldPH5p11w71rlZcYlTYlhyJ3jhsr/SzP0vp5gjV
QegQynT0ihRVojpboftW/q3ItOm1b7cs2BWhHQ6kX5YVG+ivdqiJrTQB3bwVBKK+
xziv52wDsetUATHbTL9sIm5SGi4wo2tGPwbSKtwlsnE5fCgIaYzC7RfPQjDBuJ8y
4KmJ7Q==
-----END CERTIFICATE-----
Generated at Mon Apr 15 09:53:54 2024 by rpki-client on console-ams.rpki-client.org